+ca-certificates (20121105) unstable; urgency=low
+
+ * Update mozilla/certdata.txt to version 1.86 Closes: #683728
+ Certificates added (+) (none removed):
+ + "Actalis Authentication Root CA"
+ + "Trustis FPS Root CA"
+ + "StartCom Certification Authority" (renewal/rehash)
+ + "StartCom Certification Authority G2"
+ + "Buypass Class 2 Root CA"
+ + "Buypass Class 3 Root CA"
+ + "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
+ + "T-TeleSec GlobalRoot Class 3"
+ + "EE Certification Centre Root CA"
+ * Correct piuparts package remove/purge behavior Closes: #682125
+ - Remove deletes of /etc/ssl{,/certs} from debian/postrm
+
+ -- Michael Shuler <michael@pbandjelly.org> Mon, 05 Nov 2012 10:56:05 -0600
+
+ca-certificates (20120623) unstable; urgency=low
+
+ * Add Polish translation, thanks to Michał Kułach. Closes: #660002
+ * Add Turkish translation, thanks to Atila KOÇ. Closes: #661785
+ * Correct update-ca-certificates(8) alignment Closes: #666932
+ * Add note to update-ca-certificates(8) about .crt extension needed for
+ CA certificates in /usr/local/share/ca-certificates Closes: #595279
+ * Update mozilla/certdata.txt to version 1.83
+ Mozilla Public License updated to v2.0
+ (no added/removed CAs)
+ * Update debian/copyright to:
+ - reflect MPL v2.0 update for mozilla/certdata.txt
+ - specify GPL-2 instead of GPL symlink
+ * Update debian/NEWS with added/removed certs from 20111211 and 20120212
+ * Update to Standards-Version: 3.9.3 (no changes needed)
+
+ -- Michael Shuler <michael@pbandjelly.org> Sat, 23 Jun 2012 09:16:54 -0500
+
+ca-certificates (20120212) unstable; urgency=low
+
+ * Update mozilla/certdata.txt to version 1.81
+ Certificates added (+) and removed (-):
+ + "Security Communication RootCA2"
+ + "EC-ACC"
+ + "Hellenic Academic and Research Institutions RootCA 2011"
+ - "Verisign Class 2 Public Primary Certification Authority"
+ - "Verisign Class 4 Public Primary Certification Authority - G2"
+ - "TC TrustCenter, Germany, Class 2 CA"
+ - "TC TrustCenter, Germany, Class 3 CA"
+ * Add notice to README.Debian deprecating CA inclusions and refer to
+ #647848 for Debian CA Certificate Policy discussion.
+
+ -- Michael Shuler <michael@pbandjelly.org> Sun, 12 Feb 2012 15:12:59 -0600
+
+ca-certificates (20111211) unstable; urgency=low
+
+ * Clarify CA audit note in package description and README.debian. Thanks
+ to C.J. Adams-Collier for the patch. Closes: #594383
+ * Remove French Government IGC/A CA certificates. The RSA certificate is
+ included in the Mozilla bundle and the DSA certificate is not in use.
+ Closes: #646767
+ * Remove expired signet.pl CAs. Closes: #647849
+ * Remove expired brasil.gov.br CA.
+ * Edit 20111025 changelog/NEWS entries to correctly list installed CAs
+ * Use 'set -e' in body of debian/postinst
+ * Update mozilla/certdata.txt to version 1.80
+ (no added/removed CAs)
+ * Update mozilla/certdata2pem.py to parse NETSCAPE or NSS data
+
+ -- Michael Shuler <michael@pbandjelly.org> Sun, 11 Dec 2011 19:05:32 -0600
+
+ca-certificates (20111025) unstable; urgency=low
+
+ [ Michael Shuler ]
+ * Add 3.0 (native) source format
+ * Add Vcs-Git/Browser fields
+ * Add myself as new Maintainer with Uploaders Closes: #588219
+ * Update mozilla/certdata.txt to latest (NSS branch version 1.64.2.13)
+ Certificates added (+) and removed (-):
+ + "AffirmTrust Commercial"
+ + "AffirmTrust Networking"
+ + "AffirmTrust Premium"
+ + "AffirmTrust Premium ECC"
+ + "A-Trust-nQual-03"
+ + "Certinomis - Autorité Racine"
+ + "Certum Trusted Network CA"
+ + "Go Daddy Root Certificate Authority - G2"
+ + "Root CA Generalitat Valenciana"
+ + "Starfield Root Certificate Authority - G2"
+ + "Starfield Services Root Certificate Authority - G2"
+ + "TWCA Root Certification Authority"
+ - "AOL Time Warner Root Certification Authority 1"
+ - "AOL Time Warner Root Certification Authority 2"
+ - "DigiNotar Root CA"
+ - "Entrust.net Global Secure Personal CA"
+ - "Entrust.net Global Secure Server CA"
+ - "Entrust.net Secure Personal CA"
+ - "IPS Chained CAs root"
+ - "IPS CLASE1 root"
+ - "IPS CLASE3 root"
+ - "IPS CLASEA1 root"
+ - "IPS CLASEA3 root"
+ - "IPS Timestamping root"
+ - "Thawte Personal Freemail CA"
+ - "Thawte Time Stamping CA"
+ * Update CAcert-Class 3-Subroot-certificate Closes: #630232
+
+ [ Steve Langasek ]
+ * sbin/update-ca-certificates: move the ca-certificates.crt bundle out of
+ the way before calling c_rehash, so that symlinks don't accidentally get
+ pointed here, breaking openssl certificate verification LP: #854927
+
+ [ Loïc Minier ]
+ * Drop bogus c_rehash on upgrades, which caused issue when
+ ca-certificates.crt was still in place; instead, call
+ update-ca-certificates --fresh on upgrades to this version, and
+ the usual update-ca-certificates otherwise Closes: #643667, #537382
+
+ -- Michael Shuler <michael@pbandjelly.org> Tue, 25 Oct 2011 09:12:10 -0500
+
ca-certificates (20111022) unstable; urgency=low
* QA upload.